Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Can i Store a "String" in "keystore" in Android and retrieve it later?

Is it possible to save a string in the keystore and then retrieve it?

I have an AES password already generated, I just want to store it in a safer place than the database.

All the examples I have seen store an AES key that is generated at the moment. I can use this solution if I could have access to the original key to send it to the server, is this possible?

like image 324
Apyc Avatar asked Nov 07 '22 03:11

Apyc


1 Answers

You can store the AES key into AndroidKeyStore safely. The keying material can be used by your application without exposing it.

But a key in AndroidKeyStore is not extractable, so in order to be able to send the AES key to server you will need to generate the key outside, and wrap it using an additional encryption key managed by AndroidKeyStore. Then the encrypted AES key can be stored in the device or even in the server

Please see my answer here with all options explained: how to securely store encryption keys in android?

like image 135
pedrofb Avatar answered Nov 13 '22 00:11

pedrofb